Last week Sen. Reed (D,RI) introduced S 536, the Cybersecurity
Disclosure Act of 2017. The bill would require the Securities and Exchange
Commission (SEC) to establish rules requiring companies to list board members
with cybersecurity expertise on annual reports. This is nearly the same as S
2410 that Reed introduced in the 114th Congress.
Differences from Earlier Bill
There are two detectable but relatively insignificant
differences between S 536 and S 2410. The first is that S 536 adds a definition
of ‘NIST’ to §2(a). Second, S 536 adds a brief reference to NIST Special
Publication 800-181 to the discussion {§2(c)} of what should constitute
cybersecurity expertise in the SEC regulations.
Moving Forward
While Reed is a senior member of the Senate Banking,
Housing, and Urban Affairs Committee to which this bill was assigned for
consideration, he was not able to get his earlier bill considered by that
Committee in the last session, so it is unlikely that he will be able to do so
in this session.
There is nothing in this bill that should draw significant
opposition. This bill should be able to pass in Committee if it is brought up.